{"id":3693,"date":"2012-12-31T09:09:13","date_gmt":"2012-12-31T01:09:13","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=3693"},"modified":"2012-12-20T16:56:14","modified_gmt":"2012-12-20T08:56:14","slug":"%e5%a4%9a%e5%80%8b%e9%9b%b6%e6%99%82%e5%b7%ae%e6%bc%8f%e6%b4%9e%e6%a6%82%e5%bf%b5%e8%ad%89%e6%98%8e%e6%94%bb%e6%93%8a%e7%a2%bc%e5%a8%81%e8%84%85mysql%e4%bc%ba%e6%9c%8d%e5%99%a8","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=3693","title":{"rendered":"\u591a\u500b\u96f6\u6642\u5dee\u6f0f\u6d1e\u6982\u5ff5\u8b49\u660e\u653b\u64ca\u78bc\u5a01\u8105MySQL\u4f3a\u670d\u5668"},"content":{"rendered":"<p>\u5728\u9019\u4eca\u5e74\u7684\u6700\u5f8c\u4e00\u500b\u6708\uff0cMySQL\u88ab\u4e00\u7d44\u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca\u78bc\u7d66\u6df9\u6c92\u4e86\u3002\u9019\u4e9b\u90fd\u662f\u7531<a href=\"https:\/\/www.exploit-db.com\/author\/?a=1856\">Kingcope<\/a>\u6240\u767c\u8868\uff0c\u4ed6\u4e5f\u516c\u5e03\u4e86\u9019\u4e9b\u5b89\u5168\u6f0f\u6d1e\u7684\u6982\u5ff5\u8b49\u660e\uff08PoC\uff09\u653b\u64ca\u78bc\u3002<\/p>\n<p>\u6700\u65b0\u88ab\u767c\u73fe\u7684<a href=\"https:\/\/seclists.org\/oss-sec\/2012\/q4\/388\">\u96f6\u6642\u5dee\u6f0f\u6d1e<\/a>\u6703\u7528\u591a\u7a2e\u65b9\u5f0f\u4f86\u5f71\u97ffMySQL\uff0c\u50cf\u662f\u61c9\u7528\u7a0b\u5f0f\u5d29\u6f70\/\u963b\u65b7\u670d\u52d9\u3001\u5347\u7d1a\u6b0a\u9650\u3001\u8eab\u4efd\u9a57\u8b49\u7e5e\u904e\u3001Windows\u7cfb\u7d71\u4e0a\u7684\u9060\u7aef\u7ba1\u7406\u8005\u6b0a\u9650\u548c\u5806\u7a4d\u5340\uff08Heap\uff09\/\u5806\u758a\u5340\uff08Stack\uff09\u6ea2\u4f4d\u3002\u9019\u4e9b\u6f0f\u6d1e\u5df2\u7d93\u88ab\u8edf\u9ad4\u5ee0\u5546\u78ba\u8a8d\uff0c\u4e26\u88ab\u5206\u914d\u4e86CVE\u7de8\u865f\uff1aCVE-2012-5611\u3001CVE-2012-5612\u3001CVE-2012-5613\u3001CVE-2012-5614\u3001CVE-2012-5615\u3002<\/p>\n<p>\u5169\u500b\u56b4\u91cd\u7684\u5b89\u5168\u554f\u984c\uff0cExploitDB\uff1a<a href=\"https:\/\/www.exploit-db.com\/exploits\/23073\/\">23073<\/a>\u548c<a href=\"https:\/\/www.exploit-db.com\/exploits\/23083\/\">23083<\/a>\u5728MySQL\u4e0a\u5141\u8a31\u9060\u7aef\u8eab\u4efd\u8a8d\u8b49\u904e\u7684\u653b\u64ca\u8005\u900f\u904e\u767c\u9001\u7279\u88fd\u8acb\u6c42\u4f86\u53d6\u5f97Windows\u7cfb\u7d71\u6b0a\u9650\u3002<\/p>\n<p>\u4ee5\u4e0b\u662f\u5176\u4ed6\u7684\u56b4\u91cd\u554f\u984c\uff1a<\/p>\n<ul>\n<li>\uff08CVE-2012-5611\uff09\uff1a\u7d93\u7531\u767c\u9001\u8d85\u9577\u53c3\u6578\u7d66GRANT FILE\u6307\u4ee4\u4f86\u767c\u52d5\uff0c\u63a5\u8457\u6703\u5c0e\u81f4\u5806\u758a\u7de9\u885d\u5340\u6ea2\u4f4d\u3002\u5b83\u8b93\u9060\u7aef\u653b\u64ca\u8005\u53ef\u4ee5\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c\u751a\u81f3\u5c0e\u81f4\u8cc7\u6599\u5eab\u5d29\u6f70\u3002\u4e0d\u904e\uff0c\u8981\u5229\u7528\u9019\u500b\u6f0f\u6d1e\uff0c\u5fc5\u9808\u8981\u6709\u6709\u6548\u7684\u7528\u6236\u540d\u7a31\u548c\u5bc6\u78bc\u3002<\/li>\n<li>\uff08CVE-2012-5612\uff09\uff1a\u4e00\u9023\u4e32\u7279\u88fd\u7684\u6307\u4ee4\u53ef\u4ee5\u5c0e\u81f4\u5806\u7a4d\u7de9\u885d\u5340\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u50cf\u662fUSE\u3001SHOW TABLES\u3001DESCRIBE\u3001CREATE TABLE\u3001DROP TABLE\u3001ALTER TABLE\u3001DELETE FROM\u3001UPDATE\u3001SET PASSWORD\u7b49\u3002\u5982\u679c\u6f0f\u6d1e\u653b\u64ca\u6210\u529f\uff0c\u53ef\u4ee5\u8b93\u8eab\u4efd\u9a57\u8b49\u904e\u7684\u4f4e\u6b0a\u9650\u9060\u7aef\u653b\u64ca\u8005\u53bb\u66f4\u6539\u4e00\u500b\u76ee\u524d\u4f7f\u7528\u8005\u7684\u5bc6\u78bc\u6210\u4e00\u500b\u672a\u5b9a\u7fa9\u503c\u3002<\/li>\n<li>\uff08CVE-2012-5614\uff09\uff1a\u53ef\u4ee5\u900f\u904eSELECT\u6307\u4ee4\u548c\u4e00\u500b\u5305\u542b\u5927\u91cf\u7368\u7279\u3001\u5d4c\u5165\u5143\u7d20XML\u7684UpdateXML\u6307\u4ee4\u4f86\u9020\u6210\u670d\u52d9\u5d29\u6f70\u3002\u8981\u6210\u529f\u5229\u7528\u6b64\u6f0f\u6d1e\u4e5f\u9700\u8981\u8eab\u5206\u8a8d\u8b49\u904e\u7684\u6709\u6548\u4f7f\u7528\u8005\u540d\u7a31\u548c\u5bc6\u78bc\u3002<\/li>\n<li>\uff08CVE-2012-5615\uff09\uff1aMySQL\u5167\u7684\u5217\u8209\uff08Enumeration\uff09\u6f0f\u6d1e\uff0c\u53ef\u4ee5\u8b93\u9060\u7aef\u653b\u64ca\u8005\u6839\u64da\u6240\u7522\u751f\u7684\u932f\u8aa4\u8a0a\u606f\u4f86\u7372\u53d6\u6240\u6709\u6709\u6548\u7684\u7528\u6236\u540d\u7a31\u3002<\/li>\n<li>\uff08CVE-2012-5613\uff09\uff1a\u9019\u4e0d\u88ab\u8996\u70ba\u8edf\u9ad4\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u56e0\u70ba\u5b83\u662f\u56e0\u70ba\u8a2d\u5b9a\u932f\u8aa4\u800c\u9020\u6210\u3002\u4f46\u5b83\u53ef\u4ee5\u8b93\u9060\u7aef\u8a8d\u8b49\u904e\u7684\u4f7f\u7528\u8005\u7372\u5f97\u7ba1\u7406\u8005\u6b0a\u9650\u3002\u4e00\u500b\u6709FILE\u6b0a\u9650\u7684\u653b\u64ca\u8005\u53ef\u4ee5\u5efa\u7acb\u8ddfMySQL\u7ba1\u7406\u8005\u5b8c\u5168\u4e00\u6a23\u6b0a\u9650\u7684\u65b0\u4f7f\u7528\u8005\u3002<\/li>\n<\/ul>\n<p>MySQL\u8cc7\u6599\u5eab\u662f\u6709\u540d\u7684\u9ad8\u6548\u80fd\u3001\u9ad8\u53ef\u9760\u6027\u548c\u6613\u65bc\u4f7f\u7528\u3002\u5b83\u53ef\u4ee5\u904b\u884c\u5728Windows\u548c\u8a31\u591a\u975eWindows\u5e73\u53f0\u4e0a\uff0c\u50cfUNIX\u3001Mac OS\u3001Solaris\u3001IBM AIX\u7b49\u3002\u5b83\u4e00\u76f4\u662f\u6210\u9577\u6700\u5feb\u7684\u61c9\u7528\u7a0b\u5f0f\uff0c\u4e5f\u88ab\u8a31\u591a\u5927\u516c\u53f8\u6240\u9078\u7528\uff0c\u50cf\u662fFacebook\u3001Google\u548cAdobe\u7b49\u7b49\u3002\u4e5f\u56e0\u70ba\u5b83\u7684\u666e\u53ca\uff0c\u7db2\u8def\u72af\u7f6a\u5206\u5b50\u548c\u5176\u4ed6\u653b\u64ca\u8005\u4e5f\u80af\u5b9a\u6703\u76ef\u4e0a\u9019\u5e73\u53f0\u3002<\/p>\n<p>\u70ba\u4e86\u5e6b\u52a9\u4f7f\u7528\u8005\u89e3\u6c7a\u9019\u4e9b\u554f\u984c\uff0c\u8da8\u52e2\u79d1\u6280<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2747&amp;name=20111123\">Deep Security<\/a>\u5df2\u7d93\u767c\u5e03\u4e86\u66f4\u65b0 \u2013 12-032\uff0c\u5305\u542b\u4e00\u5957\u65b0\u7684DPI\u898f\u5247\u3002\u5efa\u8b70\u4f7f\u7528\u8005\u66f4\u65b0\u4ee5\u4e0b\u7684DPI\u898f\u5247\u3002<\/p>\n<p>&nbsp;<\/p>\n<table  class=\" table table-hover\" border=\"1\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><strong>Exploit DB<\/strong><strong><\/strong><\/p>\n<\/td>\n<td width=\"140\">\n<p align=\"center\"><strong>CVE<\/strong><strong>\u7de8\u865f<\/strong><strong><\/strong><\/p>\n<\/td>\n<td width=\"214\">\n<p align=\"center\"><strong>DPI <\/strong><strong>\u898f\u5247\u540d\u7a31<\/strong><strong><\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/23076\/\">23076 MySQL (Linux) Heap Based Overrun PoC Zeroday<\/a><\/p>\n<\/td>\n<td width=\"140\">\n<p align=\"center\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-5612\">CVE-2012-5612<\/a><\/p>\n<\/td>\n<td width=\"214\">\n<p align=\"center\">1005264 \u2013 Oracle MySQL Server Command Length Restriction<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/23081\/\">23081 MySQL Remote Preauth User Enumeration Zeroday<\/a><\/p>\n<\/td>\n<td width=\"140\">\n<p align=\"center\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-5615\">CVE-2012-5615<\/a><\/p>\n<\/td>\n<td width=\"214\">\n<p align=\"center\">1005045 \u2013 MySQL Database Server Possible Login Brute Force Attempt*<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/23078\/\">23078 MySQL Denial of Service Zeroday PoC<\/a><\/p>\n<\/td>\n<td width=\"140\">\n<p align=\"center\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-5614\">CVE-2012-5614<\/a><\/p>\n<\/td>\n<td width=\"214\">\n<p align=\"center\">1005265 \u2013 Oracle MySQL Server Denial Of Service Vulnerability<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/23083\/\">23083 MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day<br \/>\n<\/a><\/p>\n<\/td>\n<td width=\"140\"><\/td>\n<td width=\"214\">\n<p align=\"center\">1005263 \u2013 Windows MySQL Server Remote Code Execution<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/23075\/\">23075 MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday<\/a><\/p>\n<\/td>\n<td width=\"140\">\n<p align=\"center\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-5611\">CVE-2012-5611<\/a><\/p>\n<\/td>\n<td width=\"214\">\n<p align=\"center\">1005266 \u2013 Oracle MySQL GRANT Command Stack Buffer Overflow Vulnerability<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/23077\/\">23077 MySQL (Linux) Database Privilege Elevation Zero day Exploit<\/a><\/p>\n<\/td>\n<td width=\"140\">\n<p align=\"center\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-5613\">CVE-2012-5613<\/a><\/p>\n<\/td>\n<td width=\"214\">\n<p align=\"center\">1005266 \u2013 Oracle MySQL GRANT Command Stack Buffer Overflow Vulnerability<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"199\">\n<p align=\"center\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/23073\/\">23073 MySQL 5.1\/5.5 WiNDOWS REMOTE R00T (mysqljackpot)<\/a><\/p>\n<\/td>\n<td width=\"140\"><\/td>\n<td width=\"214\">\n<p align=\"center\">1004177 \u2013 Oracle MySQL \u2018COM_FIELD_LIST\u2019 Command Buffer Overflow Vulnerability*<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>* \u9019\u4e9b\u6f0f\u6d1e\u5df2\u7d93\u88ab\u5305\u542b\u5728\u73fe\u6709DPI\u898f\u5247\u5167\u4e86\u3002<\/p>\n<p>\u8da8\u52e2\u79d1\u6280\u7684DPI\u898f\u5247\u53ef\u4ee5\u4fdd\u8b77\u4f7f\u7528\u8005\u514d\u53d7\u9019\u4e9b\u5df2\u77e5\u6f0f\u6d1e\u7684\u653b\u64ca\u3002\u622a\u81f3\u672c\u6587\u64b0\u5beb\u6642\uff0c\u6211\u5011\u9084\u6c92\u770b\u5230\u4efb\u4f55\u5229\u7528\u9019\u4e9b\u6982\u5ff5\u8b49\u660e\u78bc\u9032\u884c\u7684\u653b\u64ca\u3002<\/p>\n<p>&nbsp;<\/p>\n<p>\uff20\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/multiple-zero-day-poc-exploits-threaten-oracle-mysql-server\/\">Multiple Zero-Day POC Exploits Threaten Oracle MySQL Server<\/a>\u4f5c\u8005\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/author\/pavithra-hanchagaiah\/\">Pavithra Hanchagaiah\uff08\u8cc7\u6df1\u5b89\u5168\u7814\u7a76\u54e1\uff09<\/a><br \/>\n\u60f3\u4e86\u89e3\u66f4\u591a\u95dc\u65bc\u7db2\u8def\u5b89\u5168\u7684\u79d8\u8a23\u548c\u5efa\u8b70\uff0c\u53ea\u8981\u5230<a href=\"https:\/\/www.facebook.com\/trendmicrotaiwan\">\u8da8\u52e2\u79d1\u6280\u7c89\u7d72\u7db2\u9801<\/a> \u6216\u4e0b\u9762\u7684\u6309\u9215\u6309\u8b9a<br \/>\n<iframe loading=\"lazy\" style=\"width: 350px; height: 62px; overflow: hidden;\" src=\"https:\/\/www.facebook.com\/plugins\/likebox.php?id=255176705131&amp;width=350&amp;connections=0&amp;stream=false&amp;header=false&amp;height=62\" frameborder=\"0\" scrolling=\"no\" width=\"320\" height=\"240\"><\/iframe><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2928&amp;name=20120702\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/apt\/tw\/images\/banner.jpg\" alt=\"APT \u653b\u64ca\" width=\"500\" height=\"150\" border=\"0\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<div><strong>\u25ce\u5373\u523b\u52a0\u5165\u8da8\u52e2\u79d1\u6280\u793e\u7fa4\u7db2\u7ad9,\u7cbe\u5f69\u4e0d\u6f0f\u7db2<\/strong><\/div>\n<div><strong>\u00a0<\/strong><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2762&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/FBICON.PNG\" alt=\"\" \/><\/a> <a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2763&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/plurk.PNG\" alt=\"\" \/><\/a> <a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2764&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/YOUTUBE.PNG\" alt=\"\" \/><\/a><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2766&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/G+.PNG\" alt=\"\" \/><\/a> <a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2765&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com.tw\/campaign\/tw_blog_images\/blogad\/RSS.PNG\" alt=\"\" \/><\/a><\/div>\n<div id=\"toolbar-box\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u5728\u9019\u4eca\u5e74\u7684\u6700\u5f8c\u4e00\u500b\u6708\uff0cMySQL\u88ab\u4e00\u7d44\u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca\u78bc\u7d66\u6df9\u6c92\u4e86\u3002\u9019\u4e9b\u90fd\u662f\u7531Kingcope\u6240\u767c\u8868\uff0c\u4ed6\u4e5f\u516c\u5e03\u4e86\u9019 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[156],"tags":[870,872,871],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3693"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3693"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3693\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}